• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Problems with biometric authentication

Problems with biometric authentication



This note outlines some of the conceptual cha

This note outlines some of the conceptual cha



Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Problems with biometric authentication Problems with biometric authentication Document Transcript

    • Problems with Biometric AuthenticationProblems with Biometric Authentication NSF (National Science Foundation,USA) Report: Who Goes There? Authentication through the Lens of Privacy “Recommendation: Biometric Technologies should not be used to authenticate users via remote authentication servers because of the potential for large-scale privacy and security compromises in the event of a successful attack (either internal or external) against such servers. The use of biometrics for local authentication – for example, to control access to a private key on a smart card – is a more appropriate type of use for a biometric.”Pitfalls with Biometric Authentication mechanisms:  False Acceptance/False Rejection tradeoff – Acceptable false rejection rate usually means non-negligible false acceptance rate – Very expensive testing required to fully characterize  Biometrics readers often can be fooled by “artifacts” – “Liveness detection” largely a research topic • Very expensive testing needed to verify – For high assurance the reader should be attended or at least observed until we get verifiably strong liveness detectionChallenges to be addressed with Biometrics:In theory, biometrics are a great way to authenticate a user: its impossible to lose yourfingerprint, you cant forget it like you could a password, and its unique to you. In practice,though, there are so many things that, for now, limit a more widespread use of this technology.One of the problems is its uniqueness the thing that makes using biometric data an inherentlyflawed choice for a primary method of authentication. Once you have your fingerprint scannedit will give a unique data sequence which if compromised is not exactly something you canchange. Imagine having an option of only one password ever. One loss and your identity iscompromised for-ever.Another problem is that current scanners still cant recognize if the fingerprint is on a real fingeror an artificial one. In theory, one could get a hold of the users fingerprint using techniquesused in crime detection and transfer it on an artificial finger. This will likely change as thetechnology evolves, but for now the system is still fallible, and not suitable to be a primarysolution to the authentication problem. ArrayShield | info@arrayshield.com Page 1